问题
I'm trying to use OAuth for authentication for the FreshBooks API from my ASP.NET MVC C# app. Here is what I have so far:
I'm using DotNetOpenAuth here is the code I have in my controller action
if (TokenManager != null)
{
ServiceProviderDescription provider = new ServiceProviderDescription();
provider.ProtocolVersion = ProtocolVersion.V10a;
provider.AccessTokenEndpoint = new MessageReceivingEndpoint ("https://myfbid.freshbooks.com/oauth/oauth_access.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
provider.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://myfbid.freshbooks.com/oauth/oauth_request.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
provider.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://myfbid.freshbooks.com/oauth/oauth_authorize.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.GetRequest);
provider.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };
var consumer = new WebConsumer(provider, TokenManager);
var response = consumer.ProcessUserAuthorization();
if (response != null)
{
this.AccessToken = response.AccessToken;
}
else
{
// we need to request authorization
consumer.Channel.Send(consumer.PrepareRequestUserAuthorization(
new Uri("http://localhost:9876/home/testoauth/"), null, null));
}
}
The TokenManager is the same class that is provided with the DotNetOpenAuth sample, I've set my consumer secret that FreshBooks gave me.
On the consumer.Channel.Send(consumer.PrepareRequestUserAuthorization(...)) I've got the following exception:
"The remote server returned an error: (400) Bad Request.".
Am I doing this correctly? Based on FreshBooks documentation and DotNetOpenAuth samples that should work correctly.
Is there a simpler way to authenticate with OAuth, as DotNetOpenAuth is a bit huge for simply using OAuth authentication?
回答1:
if you want to use DotNetOpenAuth you need to make sure that:
- you use signature method "PLAINTEXT"
- and use PlaintextSigningBindingElement as TamperProtectionElements
something like this works for me:
public static readonly ServiceProviderDescription ServiceDescription = new ServiceProviderDescription
{
ProtocolVersion = ProtocolVersion.V10a,
RequestTokenEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_request.php", HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_authorize.php", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_access.php", HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new PlaintextSigningBindingElement() }
};
public static void RequestAuthorization(WebConsumer consumer)
{
if (consumer == null)
{
throw new ArgumentNullException("consumer");
}
var extraParameters = new Dictionary<string, string> {
{ "oauth_signature_method", "PLAINTEXT" },
};
Uri callback = Util.GetCallbackUrlFromContext();
var request = consumer.PrepareRequestUserAuthorization(callback, extraParameters, null);
consumer.Channel.Send(request);
}
回答2:
You could try using my open source OAuth Library. It's extremely simple to use and get going. I have a sample project that's available in the download that connects to Google, Twitter, Yahoo and Vimeo. I've intentionally kept the code very simple so it's easy to understand.
OAuth C# Library
I've not used FreshBooks, but it should be a simple matter of changing the url for one of the providers in the sample application and of course setting up provider specific keys etc.
来源:https://stackoverflow.com/questions/4974056/authentication-to-freshbooks-via-dotnetopenauth